Lucene search

AcronisCVELIST:CVE-2022-44747

HistoryNov 07, 2022 - 7:00 p.m.

CVE-2022-44747

2022-11-0719:00:37

CWE-610

Acronis

www.cve.org

privilege escalation

soft link handling

acronis cyber protect home office

windows

cve-2022-44747

vulnerability

2.2 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107.

CNA Affected

[
  {
    "vendor": "Acronis",
    "product": "Acronis Cyber Protect Home Office",
    "platforms": [
      "Windows"
    ],
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThan": "40107",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

security-advisory.acronis.com/advisories/SEC-4540

2.2 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2022-44747